摘要
计算系统脆弱性分析是系统安全领域研究的热点问题之一。随着多核技术的出现,计算系统呈现开放性和动态性的特征。有鉴于此,在研究现有系统安全风险分析的基础上,提出了面向动态计算系统的安全分析模型,它利用动态贝叶斯网络构建攻击图,以解决计算系统脆弱性动态转移的问题。最后,以虚拟计算系统为实例验证了所提方法的效率和性能。实例仿真表明,该方法是动态系统安全风险分析的一种新的有效途径。
In recent years,computing system vulnerability analysis attracts more and more researchers, which has be- come a hot spot in the field of system security. With the emergence of multi-core technology, computing systems become more open and dynamic. An attack graph-based dynamic security analysis model was proposed, which can measure com- bined effect of dynamic computing system vulnerabilities. An improved attack map generation algorithm was also pre- sented to improve performance and simplify further security analysis by system administrators. Moreover,a virtual com- puting system-based example shows the analysis process of the proposed method and validates its efficiency and per- formance. The experimental results show that our method is an effective way to dynamic system security risk analysis.
出处
《计算机科学》
CSCD
北大核心
2010年第2期61-64,共4页
Computer Science
基金
国家自然科学基金(60803114)
国家重点基础研究发展计划(973项目2007CB310900)资助
关键词
系统安全
安全分析
攻击图
动态贝叶斯网络
System security,Security analysis,Attack graph,Dynamic baysian network